Feeds

Mafia boss undone by clumsy crypto

Little Caesar

High performance access to file storage

Clues left in the clumsily encrypted notes of a Mafia don have helped Italian investigators to track his associates and ultimately contributed to his capture after years on the run.

The recently busted Bernardo Provenzano, reputed to be the "boss of bosses" of the Sicilian Mafia, used a modified form of the Caesar cipher to obscure "sensitive information" in notes left to either his family or underlings.

According to a biography (written by Italian journalists Salvo Palazzolo and Ernesto Oliva) on bernardoprovenzano.net, the content of these notes varied from meal requests to his family to orders to his lieutenants where numbers were used to disguise people's names.

Provenzano, 73, was arrested last week in a farm close to his home town of Corleone on the Italian island of Sicily after almost 40 years on the run. He's accused of numerous homicides including the 1992 murder of two judges, a crime that earned him a life sentence in absentia. Provenzano who earned the nickname Binnu u tratturi (Binnu the tractor) because of his rep for mowing down enemies, latterly took to writing instructions incorporating basic encryption on small scraps of paper, known locally as pizzini.

The classic Caesar cipher moves every letter in the alphabet three charecters later (so A becomes D and B becomes E, etc.). The so-called Binnu code assigns a number in order to each letter in the Italian alphabet and adds three to that number in the ciphertext so that "A" is 4, "B" is 5 and so on.

The code would have been more secure if the numerical shift applied to the ciphertext was varied from time to time. As it was, the contents of messages was readily deciphered. "Looks like kindergarten cryptography to me. It will keep your kid sister out, but it won't keep the police out. But what do you expect from someone who is computer illiterate?" security guru Bruce Schneier told Discovery News.

Provenzano left school aged only eight, a factor which might explain the simplistic nature of the way sensitive messages, normally typed out on old typewriters, were encoded. The decipherment of the pizzini sent and received by Provenzano allowed police to identify his associates and ultimately contributed to investigative efforts that led to Provenzano's arrest, Discovery News reports. ®

High performance access to file storage

More from The Register

next story
Forget the beach 'n' boardwalk, check out the Santa Cruz STEVE JOBS FOUNTAIN
Reg reader snaps shot of touching tribute to Apple icon
Spanish village called 'Kill the Jews' mulls rebranding exercise
Not exactly attractive to the Israeli tourist demographic
Oz bank in comedy Heartbleed blog FAIL
Bank: 'We are now safely patched.' Customers: 'You were using OpenSSL?'
Happy 40th Playmobil: Reg looks back at small, rude world of our favourite tiny toys
Little men straddle LOHAN, attend tiny G20 Summit... ah, sweet memories...
Lego is the TOOL OF SATAN, thunders Polish priest
New minifigs like Monster Fighters are turning kids to the dark side
Dark SITH LORD 'Darth Vader' joins battle to rule, er, Ukraine
Only I can 'make an empire out of a republic' intones presidential candidate
Chinese company counters pollution by importing fresh air
Citizens line up for bags of that sweet, sweet mountain air
Google asks April Fools: Want a job? Be our 'Pokemon Master'
Mountain View is prankin' like it's 1999...
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.